jaggar/iac-cljs-configs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update to add exec-fn, better handling of options, and a few more functions

Browse Source
This commit is contained in:
GigiaJ
2025-10-07 22:27:09 -05:00
parent 7ecc53bb2e
commit 3657b05e9e
1 changed files with 93 additions and 63 deletions
Download Patch File Download Diff File Expand all files Collapse all files

138
iac/src/main/utils/k8s.cljs
View File

@@ -4,7 +4,8 @@
["@pulumi/pulumi" :as pulumi] ["@pulumi/pulumi" :as pulumi]
["@pulumi/vault" :as vault] ["@pulumi/vault" :as vault]
[utils.vault :as vault-utils] [utils.vault :as vault-utils]
[clojure.string :as str] ["@pulumi/docker" :as docker]
["path" :as path]
[configs :refer [cfg]])) [configs :refer [cfg]]))
(defn assoc-ins [m path-vals] (defn assoc-ins [m path-vals]
@@ -23,64 +24,38 @@
after (clj->js (assoc-ins base-values updates))] after (clj->js (assoc-ins base-values updates))]
after))))) after)))))
(defn create-secret [provider app-namespace app-name secrets-data]
(new (.. k8s -core -v1 -Secret) (str app-name "-secrets")
(clj->js {:metadata {:name (str app-name "-secrets")
:namespace app-namespace}
:stringData secrets-data})
(clj->js {:provider provider})))
(defn create-image [app-name]
(let [context-path (.. path (join "." (-> cfg :resource-path)))
dockerfile-path (.. path (join context-path (str app-name ".dockerfile")))]
(new (.. docker -Image) app-name
(clj->js {:build {:context context-path
:dockerfile dockerfile-path}
:imageName (str (-> cfg :docker-repo) "/" app-name ":latest")}))))
(defn deploy-stack (defn create-ns [provider app-namespace]
"Deploys a versatile stack of K8s resources, including optional Helm charts."
[& args]
(let [[component-kws [options]] (split-with keyword? args)
requested-components (set component-kws)
{:keys [provider vault-provider app-namespace app-name hostname image image-port caddy-snippet vault-load-yaml chart-repo transformations helm-values-fn]
:or {vault-load-yaml false image-port 80 caddy-snippet "" helm-values-fn #(:base-values %)}} options
app-labels {:app app-name}
full-snippet (str "tls {\n dns cloudflare {env.CLOUDFLARE_API_TOKEN}\n}\n" caddy-snippet)
ns (when (requested-components :namespace)
;;(try
(new (.. k8s -core -v1 -Namespace) app-namespace (new (.. k8s -core -v1 -Namespace) app-namespace
(clj->js {:metadata {:name app-namespace}}) (clj->js {:metadata {:name app-namespace}})
(clj->js {:provider provider}))
#_(catch js/Error _
(.get (.. k8s -core -v1 -Namespace) (str "ns-" app-name)
app-namespace
(clj->js {:provider provider}))) (clj->js {:provider provider})))
);;)
(defn create-chart [provider app-namespace app-name chart-repo helm-fn dependencies transformations ]
(new (.. k8s -helm -v3 -Chart) app-name
prepared-vault-data (when (requested-components :vault-secrets)
(vault-utils/prepare {:provider provider
:vault-provider vault-provider
:app-name app-name
:app-namespace app-namespace
:load-yaml vault-load-yaml}))
{:keys [helm-v3 secrets yaml-values bind-secrets]} prepared-vault-data
helm-fn (helm-values-fn {:base-values yaml-values
:secrets secrets
:app-name app-name})
host (.apply secrets #(aget % "host"))
chart (when (requested-components :chart)
(new (.. helm-v3 -Chart) app-name
(clj->js {:chart app-name (clj->js {:chart app-name
:fetchOpts {:repo chart-repo} :fetchOpts {:repo chart-repo}
:namespace app-namespace :namespace app-namespace
:values helm-fn}) :values helm-fn
:transformations (if transformations [transformations] [])})
(clj->js {:provider provider (clj->js {:provider provider
:enableServerSideApply false :enableServerSideApply false
:dependsOn (vec (filter identity [ns bind-secrets])) :dependsOn dependencies})))
:transformations (vec (filter identity [transformations]))})))
deployment (when (requested-components :deployment) (defn create-deployment [provider app-namespace app-name app-labels image image-port dependencies]
(new (.. k8s -apps -v1 -Deployment) app-name (new (.. k8s -apps -v1 -Deployment) app-name
(clj->js {:metadata {:namespace app-namespace (clj->js {:metadata {:namespace app-namespace
:name app-name} :name app-name}
@@ -91,18 +66,18 @@
[{:name app-name [{:name app-name
:image image :image image
:ports [{:containerPort image-port}]}]}}}}) :ports [{:containerPort image-port}]}]}}}})
(clj->js {:provider provider :dependsOn [ns]}))) (clj->js {:provider provider
:dependsOn dependencies})))
service (when (requested-components :service) (defn create-service [provider app-namespace app-name app-labels image-port dependencies]
(new (.. k8s -core -v1 -Service) app-name (new (.. k8s -core -v1 -Service) app-name
(clj->js {:metadata {:namespace app-namespace (clj->js {:metadata {:namespace app-namespace
:name app-name} :name app-name}
:spec {:selector app-labels :spec {:selector app-labels
:ports [{:port 80 :targetPort image-port}]}}) :ports [{:port 80 :targetPort image-port}]}})
(clj->js {:provider provider :dependsOn [deployment]}))) (clj->js {:provider provider :dependsOn dependencies})))
app-dependency (or service chart bind-secrets)
ingress (when (requested-components :ingress) (defn create-ingress [provider app-namespace app-name full-snippet host image-port dependencies]
(new (.. k8s -networking -v1 -Ingress) app-name (new (.. k8s -networking -v1 -Ingress) app-name
(clj->js (clj->js
{:metadata {:name app-name {:metadata {:name app-name
@@ -115,6 +90,61 @@
:pathType "Prefix" :pathType "Prefix"
:backend {:service {:name app-name :backend {:service {:name app-name
:port {:number image-port}}}}]}}]}}) :port {:number image-port}}}}]}}]}})
(clj->js {:provider provider :dependsOn [app-dependency]})))] (clj->js {:provider provider :dependsOn dependencies})))
{:namespace ns, :vault-secrets prepared-vault-data, :chart chart, :deployment deployment, :service service, :ingress ingress})) (defn deploy-stack
"Deploys a versatile stack of K8s resources, including optional Helm charts."
[& args]
(let [[component-kws [options]] (split-with keyword? args)
requested-components (set component-kws)
{:keys [provider vault-provider pulumi-cfg app-namespace app-name image image-port caddy-snippet vault-load-yaml chart-repo transformations exec-fn helm-values-fn]
:or {vault-load-yaml false image-port 80 caddy-snippet "" helm-values-fn #(:base-values %) transformations nil}} options
app-labels {:app app-name}
full-snippet (str "tls {\n dns cloudflare {env.CLOUDFLARE_API_TOKEN}\n}\n" caddy-snippet)
prepared-vault-data (when (requested-components :vault-secrets)
(vault-utils/prepare {:provider provider
:vault-provider vault-provider
:app-name app-name
:app-namespace app-namespace
:load-yaml vault-load-yaml}))
{:keys [secrets yaml-values bind-secrets]} (or prepared-vault-data {:secrets nil :yaml-values nil :bind-secrets nil})
helm-fn (helm-values-fn {:base-values yaml-values
:secrets (if (some? prepared-vault-data) secrets nil)
:app-name app-name})
host (when secrets (.apply secrets #(aget % "host")))
ns (when (requested-components :namespace)
(create-ns provider app-namespace))
docker-image (when (requested-components :docker-image)
(create-image app-name))
image (if (some? docker-image) (str (-> cfg :docker-repo) "/" app-name ":latest") image)
chart (when (requested-components :chart)
(create-chart provider app-namespace app-name chart-repo helm-fn (vec (filter some? [ns docker-image bind-secrets])) transformations))
deployment (when (requested-components :deployment)
(create-deployment provider app-namespace app-name app-labels image image-port [docker-image]))
service (when (requested-components :service)
(create-service provider app-namespace app-name app-labels image-port [deployment]))
app-dependency (or service chart bind-secrets)
ingress (when (requested-components :ingress) (create-ingress provider app-namespace app-name full-snippet host image-port [app-dependency]))
execute (when (requested-components :execute)
(exec-fn (assoc options :dependencies (vec (filter some? [chart ns deployment service ingress docker-image])))))]
{:namespace ns, :vault-secrets prepared-vault-data, :chart chart, :deployment deployment, :service service, :ingress ingress :execute execute}))